Shulou(Shulou.com)06/01 Report--

This article mainly shows you "what are the security problems in the server". The content is simple, easy to understand and clearly organized. I hope it can help you solve your doubts. Let Xiaobian lead you to study and learn this article "what are the security problems in the server".

Dear users:

Recently, overseas hacker organizations have published a number of Windows high-risk vulnerabilities and batch exploitation tools, which can be used to execute arbitrary commands on Windows servers with open ports 135/137/139/445, causing a series of serious consequences including host blue screen, data deletion by intrusion, etc. Microsoft has officially released a vulnerability patch, but a large number of customers have not yet patched it, which is extremely risky. In order to better improve the security of servers and cloud hosts, please pay attention to the following information:

For Windows OS servers in use, please confirm whether ports [135, 137, 139, 445] of the server are open. These ports are affected by this vulnerability and can easily lead to server intrusion. If the port is enabled, please note:

1. If you do not use these ports in your business, please log in to the login server as soon as possible and close these ports, such as stopping related services, opening firewalls or blocking these ports.

2. If your business uses SMB protocol or above ports, Microsoft has issued announcements and patches, https://blogs.technet.microsoft.com/msrc/2017/04/14/protecting-customers-and-evaluating-risk/. We strongly recommend that you log in to the server to install the latest Windows patches and reboot the system for the patches to take effect. Or use the Windows Update feature that comes with the system to update the latest patches and restart them to take effect.

3. Turn off the host smart card service to prevent the RDP service from being attacked. The following is the specific setting method.

Windows2008, 2012 setup method: run input gpedit.msc-> computer configuration-> management templates->windows components-> smart card, and then set all items with the keyword "smart card" in the settings list to "disabled."

Windows2003 setup method: run input gpedit.msc-> computer configuration->windows settings-> security settings-> local policy-> security options, interactive login: require smart card set to disabled, interactive login: smart card removal action set to lock workstation.

After receiving this notification, please pay attention to it and confirm whether the above ports are open on the windows server you are using. If so, please immediately handle them to ensure the security of your server.

In addition, in order to use the server more secure, more worry, we recommend that you install the server security dog, it is a set of server security protection and security management as one of the comprehensive server tools. Server security protection software that supports the full range of Windows operating systems (Windows2003/Windows2008/Windows2012 32-bit 64-bit) and Linux operating systems to directly shield attacks from the driver layer and protect server security.

The above is "what are the security problems that appear on the server". Thank you for reading all the contents of this article. I believe that everyone has a certain understanding, hope to share the content to help everyone, if you still want to learn more knowledge, welcome to pay attention to the industry information channel!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.